
Thread: mystart.incredibar.com/?loc=CH_NT malware

  1. #1
    Member
    Join Date
    May 2010
    Posts
    95

    Default mystart.incredibar.com/?loc=CH_NT malware

    DDS (Ver_2012-10-14.05) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16421
    Run by YR at 13:33:10 on 2012-10-16
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4009.2261 [GMT 1:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
    C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
    C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
    C:\Program Files\Fujitsu\PSUtility\PSUService.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\system32\taskeng.exe
    C:\Users\YR\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\YR\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\YR\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\YR\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\YR\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\YR\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://mystart.incredibar.com/mb128?a=6PQMJIR3uD&i=26
    uDefault_Page_URL = hxxp://ts.fujitsu.com
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [Google Update] "C:\Users\YR\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
    mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
    mRun: [DeskUpdateNotifier] "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
    mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
    mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    TCP: NameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{3F7562C9-F27E-463D-8296-32ADF363F79A} : DHCPNameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{513A9D91-8545-4E80-B3DB-05192565187A} : DHCPNameServer = 194.168.4.100 194.168.8.100
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    x64-Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    x64-Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    x64-Run: [PfNet] "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
    x64-Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
    x64-Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
    x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\drivers\FBIOSDRV.sys [2010-11-15 21104]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-30 969200]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-30 359464]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-30 25232]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-30 71600]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-30 44808]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-7 331776]
    R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2011-5-7 63336]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-9-21 2656280]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-3-8 51712]
    R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-3-8 274944]
    R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2010-10-12 7296]
    R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-3-22 59904]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-2 317440]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-3-24 25496]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-4-7 56344]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETwNs64.sys [2011-5-31 8507392]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-5-7 245792]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-17 412776]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
    R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-3-24 42392]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-20 136176]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-20 136176]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-3-24 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-27 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-10-16 12:14:55 -------- d-----w- C:\Users\YR\AppData\Roaming\Malwarebytes
    2012-10-16 12:14:42 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-10-16 12:14:39 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-10-16 12:14:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-10-15 19:58:10 -------- d-----w- C:\Program Files (x86)\Perion
    2012-10-15 19:57:36 -------- d-----w- C:\Windows\SysWow64\WNLT
    2012-10-15 19:56:06 -------- d-----w- C:\ProgramData\Tarma Installer
    2012-10-15 19:56:00 -------- d-----w- C:\Program Files (x86)\OnlineHD.TV
    2012-10-13 14:18:52 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7C55E040-D79D-4E37-955D-78D51BB39247}\mpengine.dll
    2012-10-11 11:43:20 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2012-10-11 11:43:18 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-10-11 11:43:17 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-10-11 11:43:16 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-10-11 11:43:06 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-10-11 11:43:05 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-10-11 11:43:05 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-10-11 11:43:03 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-10-11 11:41:41 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2012-10-11 11:41:40 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-10-11 11:41:40 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-10-11 11:41:39 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-10-11 11:41:38 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-10-11 11:41:38 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2012-10-03 21:11:44 -------- d-----w- C:\Users\YR\AppData\Local\MetaGeek,_LLC
    2012-10-03 20:09:35 -------- d-----w- C:\ProgramData\VirtualizedApplications
    2012-10-03 18:57:25 -------- d-----w- C:\Users\YR\AppData\Local\LogMeIn Rescue Applet
    2012-10-03 18:31:10 -------- d-----w- C:\Users\YR\AppData\Local\Adobe
    2012-09-30 21:31:21 -------- d-----w- C:\Users\YR\AppData\Local\Apple Computer
    2012-09-30 21:31:08 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-09-30 21:30:05 -------- d-----w- C:\Program Files\iPod
    2012-09-30 21:30:01 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-09-30 21:30:01 -------- d-----w- C:\Program Files\iTunes
    2012-09-30 21:30:01 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-09-30 21:28:50 -------- d-----w- C:\Users\YR\AppData\Local\Apple
    2012-09-30 21:27:05 -------- d-----w- C:\Program Files\Bonjour
    2012-09-30 21:27:05 -------- d-----w- C:\Program Files (x86)\Bonjour
    2012-09-30 21:20:52 -------- d-----w- C:\Users\YR\AppData\Local\CrashDumps
    2012-09-30 21:12:22 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-09-30 21:12:20 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-09-30 21:12:19 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-09-30 21:11:35 41224 ----a-w- C:\Windows\avastSS.scr
    2012-09-30 19:59:18 -------- d-----w- C:\Users\YR\AppData\Roaming\SoftGrid Client
    2012-09-30 19:59:18 -------- d-----w- C:\Users\YR\AppData\Local\SoftGrid Client
    2012-09-30 19:58:13 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
    2012-09-30 19:58:02 -------- d-----w- C:\Users\YR\AppData\Roaming\TP
    2012-09-27 21:17:40 -------- d-----w- C:\Windows\SysWow64\Wat
    2012-09-27 21:17:40 -------- d-----w- C:\Windows\System32\Wat
    2012-09-26 08:23:06 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
    2012-09-24 21:59:50 294912 ----a-w- C:\Windows\System32\browserchoice.exe
    2012-09-24 21:39:36 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-09-24 21:39:36 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-09-24 21:39:36 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-09-24 21:39:35 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-09-24 21:39:35 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-09-23 21:42:57 -------- d-----w- C:\Users\YR\AppData\Local\Diagnostics
    2012-09-23 21:24:41 895088 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2012-09-23 21:24:23 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2012-09-23 21:24:13 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-09-21 03:51:00 662016 ----a-w- C:\Windows\vsnp2uvc.exe
    2012-09-21 03:51:00 375808 ----a-w- C:\Windows\System32\vsnp2uvc.dll
    2012-09-21 03:51:00 35456 ----a-w- C:\Windows\System32\drivers\sncduvc.sys
    2012-09-21 03:51:00 306176 ----a-w- C:\Windows\SysWow64\vsnp2uvc.dll
    2012-09-21 03:51:00 245760 ----a-w- C:\Windows\SysWow64\rsnp2uvc.dll
    2012-09-21 03:51:00 24576 ----a-w- C:\Windows\snuvcdsm.exe
    2012-09-21 03:51:00 242176 ----a-w- C:\Windows\System32\csnp2uvc.dll
    2012-09-21 03:51:00 240640 ----a-w- C:\Windows\System32\rsnp2uvc.dll
    2012-09-21 03:51:00 1801216 ----a-w- C:\Windows\System32\drivers\snp2uvc.sys
    2012-09-21 03:51:00 -------- d-----w- C:\Program Files (x86)\Common Files\SNP2UVC
    2012-09-21 03:49:57 83 ------w- C:\Windows\System32\IHV_Install.bat
    2012-09-21 03:49:40 -------- d-----w- C:\ProgramData\Roaming
    2012-09-21 03:49:09 -------- d-----w- C:\Program Files (x86)\Cisco
    2012-09-21 03:48:57 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
    2012-09-21 03:48:53 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
    2012-09-20 22:14:01 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
    2012-09-20 22:14:01 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
    2012-09-20 22:14:01 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
    2012-09-20 22:14:00 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2012-09-20 22:14:00 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
    2012-09-20 22:12:59 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2012-09-20 22:10:53 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2012-09-20 22:07:47 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2012-09-20 20:23:45 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-09-20 20:23:45 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-09-20 20:23:45 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-09-20 20:17:50 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-09-20 20:17:37 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-09-20 20:17:37 -------- d-----w- C:\Users\YR\AppData\Local\Google
    2012-09-20 20:17:27 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-09-20 20:17:27 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-09-20 20:14:09 -------- d-----w- C:\Users\YR\AppData\Roaming\Fujitsu Launch Center
    2012-09-20 20:13:52 -------- d-sh--w- C:\$RECYCLE.BIN
    2012-09-20 20:11:51 -------- d-----w- C:\Users\YR\AppData\Local\VirtualStore
    2012-09-20 20:11:43 -------- d-----w- C:\Program Files (x86)\Intel Corporation
    2012-09-20 20:11:43 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
    2012-09-20 20:10:21 -------- d-----w- C:\ProgramData\Fujitsu
    2012-09-20 20:09:04 112128 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\eBayGadgetFS.gadget\Bin\eBayGadget.dll
    .
    ==================== Find3M ====================
    .
    2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
    2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
    2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
    2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
    2012-08-21 12:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2012-08-21 12:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
    2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
    2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
    2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 13:34:21.32 ===============

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default




    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

    Running programs with Vista or Windows 7, you need to Right Click on the program and select RUN AS ADMINISTRATOR


    Uninstall a program called WebAssistant; it comes with Incredimail / Incredibar and hides the search engine control program.



    MyStart is an adware program. There should be an add/remove entry from control panel that you may use to uninstall MyStart. You can also try this procedure to remove it from different browsers.

    Remove MyStart in Internet Explorer:
    1. Open Internet Explorer.
    2. Go to Tools > Options.
    3. On the General tab, proceed to “Change search defaults” and click the “Settings” button.
    4. You will see a list of search providers. Select your desired search provider and click the button “Set as default” to replace MyStart by Incredibar.
    5. You may now remove MyStart from the list.

    Remove MyStart in Mozilla Firefox:
    1. Open Mozilla Firefox Internet Browser.
    2. On Google’s Search box, click the “arrow down” beside the logo.
    3. Select “Manage Search Engine” from the drop-down list.
    4. Choose your desired search default (like Google) and click the button “Move up.” It should be on the top of the list to set it as default.
    5. You can now remove the other installed search engines.

    Remove MyStart in Google Chrome:
    1. Open Google Chrome.
    2. Click on the Wrench icon on top right corner of the browser.
    3. Choose “Settings” from the drop down list.
    4. Select “Basics.”
    5. Click on “Manage search engines” under SEARCH settings area.
    6. Hover your mouse to a preferred search engine and click “Make default.”
    7. You can now remove MyStart by Incredibar search by clicking on the X mark.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Member
    Join Date
    May 2010
    Posts
    95

    Default

    Done, but when I click on a new tab I still get that my incredible page coming up on Google Chrome. Problem fixed with IE and Firefox.

  4. #4
    Member
    Join Date
    May 2010
    Posts
    95

    Default

    Is it worth me uninstalling Chrome and reinstalling?

  5. #5
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Yes, but hang on, because if it's not a complete uninstall, when you install the new one Incredibar will be back.

    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

  6. #6
    Member
    Join Date
    May 2010
    Posts
    95

    Default

    OTL logfile created on: 10/17/2012 9:51:11 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\YR\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.91 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.91% Memory free
    7.83 Gb Paging File | 6.24 Gb Available in Paging File | 79.78% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 345.13 Gb Total Space | 305.59 Gb Free Space | 88.54% Space Free | Partition Type: NTFS
    Drive D: | 100.00 Gb Total Space | 64.51 Gb Free Space | 64.51% Space Free | Partition Type: NTFS

    Computer Name: YR-PC | User Name: YR | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\YR\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
    PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    PRC - C:\Windows\vsnp2uvc.exe (Sonix)
    PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll ()
    MOD - C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\9833bcbd6eb1461bf506e09b40a2188b\log4net.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeskUpdateNotifier\d7b6da7018ea1a67efb6f4c5e41d1ef0\DeskUpdateNotifier.ni.exe ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bd2433e160ce2f19acc8ebe10babae8d\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6711765f90c0082ec393943b924ed277\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c06946b464ae8dd22151e0a6f310c976\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\29e48cb144e24a7b4335d1360cc06642\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9cf67ed1b743fbc3dd6b78fbc0595236\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()


    ========== Services (SafeList) ==========

    SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
    SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
    SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
    SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
    SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
    DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
    DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
    DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
    DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
    DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
    DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
    DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
    DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
    DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
    DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
    DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
    DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
    DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E4AEF8C0-A9D6-4817-BFE4-A5D7E266114E}
    IE:64bit: - HKLM\..\SearchScopes\{E4AEF8C0-A9D6-4817-BFE4-A5D7E266114E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {E4AEF8C0-A9D6-4817-BFE4-A5D7E266114E}
    IE - HKLM\..\SearchScopes\{E4AEF8C0-A9D6-4817-BFE4-A5D7E266114E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\..\SearchScopes,DefaultScope = {E4AEF8C0-A9D6-4817-BFE4-A5D7E266114E}
    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\..\SearchScopes\{E4AEF8C0-A9D6-4817-BFE4-A5D7E266114E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enGB502
    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\YR\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\YR\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox

    [2012/10/15 20:56:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YR\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
    [2012/10/15 20:56:02 | 000,189,644 | ---- | M] () (No name found) -- C:\Users\YR\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi
    [2012/10/15 20:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

    ========== Chrome ==========

    CHR - homepage:
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - homepage:
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\YR\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\YR\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
    CHR - plugin: Windows Live\\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - Extension: avast! WebRep = C:\Users\YR\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
    CHR - Extension: New tab for Chrome\u2122 = C:\Users\YR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
    O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DeskUpdateNotifier] c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
    O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
    O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\S-1-5-21-288869447-1382899389-2484242644-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F7562C9-F27E-463D-8296-32ADF363F79A}: DhcpNameServer = 194.168.4.100 194.168.8.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{513A9D91-8545-4E80-B3DB-05192565187A}: DhcpNameServer = 194.168.4.100 194.168.8.100
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

  7. #7
    Member
    Join Date
    May 2010
    Posts
    95


    [2012/10/17 21:49:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\YR\Desktop\OTL.exe
    [2012/10/16 13:55:19 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Windows Live Writer
    [2012/10/16 13:55:19 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Windows Live Writer
    [2012/10/16 13:53:57 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\WinZip
    [2012/10/16 13:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    [2012/10/16 13:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
    [2012/10/16 13:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
    [2012/10/16 13:14:55 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Malwarebytes
    [2012/10/16 13:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/10/16 13:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/10/16 13:14:39 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/10/16 13:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012/10/15 20:58:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion
    [2012/10/15 20:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2012/10/15 20:57:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
    [2012/10/15 20:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
    [2012/10/15 20:56:02 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Mozilla
    [2012/10/15 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV
    [2012/10/15 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnlineHD.TV
    [2012/10/11 12:43:18 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2012/10/11 12:43:17 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2012/10/11 12:43:16 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2012/10/11 12:43:06 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2012/10/11 12:43:06 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2012/10/11 12:43:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2012/10/11 12:43:05 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2012/10/11 12:42:57 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2012/10/11 12:42:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2012/10/11 12:42:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2012/10/11 12:42:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2012/10/11 12:42:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2012/10/11 12:42:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2012/10/11 12:42:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2012/10/11 12:42:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2012/10/11 12:42:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2012/10/11 12:42:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2012/10/11 12:42:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2012/10/11 12:42:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2012/10/11 12:42:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2012/10/11 12:42:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2012/10/11 12:42:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2012/10/11 12:42:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2012/10/11 12:42:38 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2012/10/11 12:41:41 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2012/10/11 12:41:39 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
    [2012/10/03 22:11:44 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\MetaGeek,_LLC
    [2012/10/03 22:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
    [2012/10/03 21:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
    [2012/10/03 19:57:25 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\LogMeIn Rescue Applet
    [2012/10/03 19:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2012/10/03 19:31:10 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Adobe
    [2012/10/03 19:31:10 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Adobe
    [2012/09/30 22:31:21 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Apple Computer
    [2012/09/30 22:31:19 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Apple Computer
    [2012/09/30 22:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2012/09/30 22:31:08 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
    [2012/09/30 22:31:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
    [2012/09/30 22:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/09/30 22:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2012/09/30 22:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
    [2012/09/30 22:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2012/09/30 22:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    [2012/09/30 22:28:50 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Apple
    [2012/09/30 22:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
    [2012/09/30 22:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2012/09/30 22:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2012/09/30 22:27:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
    [2012/09/30 22:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2012/09/30 22:26:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
    [2012/09/30 22:20:52 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\CrashDumps
    [2012/09/30 22:12:27 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
    [2012/09/30 22:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
    [2012/09/30 22:12:26 | 000,359,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
    [2012/09/30 22:12:22 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
    [2012/09/30 22:12:21 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
    [2012/09/30 22:12:20 | 000,969,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2012/09/30 22:12:19 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
    [2012/09/30 22:11:35 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2012/09/30 22:11:33 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
    [2012/09/30 20:59:18 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\SoftGrid Client
    [2012/09/30 20:59:18 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\SoftGrid Client
    [2012/09/30 20:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2012/09/30 20:58:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2012/09/30 20:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
    [2012/09/30 20:58:02 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\TP
    [2012/09/27 22:17:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2012/09/27 22:17:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2012/09/26 09:18:16 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
    [2012/09/26 09:18:14 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
    [2012/09/26 09:18:14 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
    [2012/09/26 09:18:06 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
    [2012/09/26 09:18:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
    [2012/09/26 09:18:05 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
    [2012/09/26 09:18:04 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
    [2012/09/26 09:18:04 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
    [2012/09/26 09:18:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
    [2012/09/26 09:18:03 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
    [2012/09/24 22:59:50 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
    [2012/09/24 22:50:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012/09/24 22:50:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012/09/24 22:50:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012/09/24 22:50:02 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012/09/24 22:50:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012/09/24 22:50:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012/09/24 22:50:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2012/09/24 22:50:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012/09/24 22:50:00 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2012/09/24 22:50:00 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2012/09/24 22:49:59 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2012/09/24 22:49:59 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012/09/24 22:49:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012/09/24 22:49:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012/09/24 22:49:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2012/09/24 22:39:36 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
    [2012/09/24 22:39:36 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
    [2012/09/23 22:42:57 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Diagnostics
    [2012/09/21 04:51:00 | 000,662,016 | ---- | C] (Sonix) -- C:\Windows\vsnp2uvc.exe
    [2012/09/21 04:51:00 | 000,375,808 | ---- | C] (Sonix Technology Co., Ltd.) -- C:\Windows\SysNative\vsnp2uvc.dll
    [2012/09/21 04:51:00 | 000,306,176 | ---- | C] (Sonix Technology Co., Ltd.) -- C:\Windows\SysWow64\vsnp2uvc.dll
    [2012/09/21 04:51:00 | 000,242,176 | ---- | C] (Sonix Technology Co., Ltd.) -- C:\Windows\SysNative\csnp2uvc.dll
    [2012/09/21 04:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SNP2UVC
    [2012/09/21 04:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FJ Camera
    [2012/09/21 04:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
    [2012/09/21 04:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
    [2012/09/21 04:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
    [2012/09/21 04:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
    [2012/09/21 04:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
    [2012/09/20 23:14:36 | 000,000,000 | ---D | C] -- C:\Users\YR\Documents\Downloads
    [2012/09/20 23:14:35 | 000,000,000 | ---D | C] -- C:\Users\YR\Documents\Betfair
    [2012/09/20 23:14:34 | 000,000,000 | ---D | C] -- C:\Users\YR\Documents\ODDS
    [2012/09/20 23:14:34 | 000,000,000 | ---D | C] -- C:\Users\YR\Documents\New Folder
    [2012/09/20 23:14:31 | 000,000,000 | ---D | C] -- C:\Users\YR\Documents\MB
    [2012/09/20 23:14:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
    [2012/09/20 23:14:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
    [2012/09/20 23:13:57 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
    [2012/09/20 23:13:56 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [2012/09/20 23:13:40 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
    [2012/09/20 23:13:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
    [2012/09/20 23:13:38 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
    [2012/09/20 23:13:38 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
    [2012/09/20 23:13:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
    [2012/09/20 23:13:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
    [2012/09/20 23:13:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
    [2012/09/20 23:13:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
    [2012/09/20 23:13:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
    [2012/09/20 23:13:35 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
    [2012/09/20 23:13:31 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
    [2012/09/20 23:13:24 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
    [2012/09/20 23:13:24 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
    [2012/09/20 23:13:22 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2012/09/20 23:13:20 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
    [2012/09/20 23:13:16 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
    [2012/09/20 23:13:16 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
    [2012/09/20 23:13:16 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2012/09/20 23:13:15 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2012/09/20 23:13:11 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
    [2012/09/20 23:13:08 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
    [2012/09/20 23:13:08 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
    [2012/09/20 23:13:08 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
    [2012/09/20 23:13:07 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
    [2012/09/20 23:13:07 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
    [2012/09/20 23:13:07 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
    [2012/09/20 23:13:07 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
    [2012/09/20 23:13:07 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
    [2012/09/20 23:13:06 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
    [2012/09/20 23:13:06 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
    [2012/09/20 23:13:06 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
    [2012/09/20 23:13:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
    [2012/09/20 23:13:06 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
    [2012/09/20 23:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2012/09/20 23:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2012/09/20 23:12:51 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
    [2012/09/20 23:12:50 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
    [2012/09/20 23:12:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
    [2012/09/20 23:12:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
    [2012/09/20 23:12:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2012/09/20 23:12:47 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
    [2012/09/20 23:12:47 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
    [2012/09/20 23:12:46 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
    [2012/09/20 23:12:46 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
    [2012/09/20 23:12:46 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
    [2012/09/20 23:12:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
    [2012/09/20 23:12:45 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
    [2012/09/20 23:12:42 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
    [2012/09/20 23:12:42 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
    [2012/09/20 23:12:40 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
    [2012/09/20 23:12:40 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
    [2012/09/20 23:12:40 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
    [2012/09/20 23:12:39 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
    [2012/09/20 23:12:36 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
    [2012/09/20 23:12:28 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
    [2012/09/20 23:12:27 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
    [2012/09/20 23:12:27 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
    [2012/09/20 23:12:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
    [2012/09/20 23:12:13 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2012/09/20 23:12:13 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
    [2012/09/20 23:12:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
    [2012/09/20 23:12:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
    [2012/09/20 23:12:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
    [2012/09/20 23:12:04 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
    [2012/09/20 23:12:03 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
    [2012/09/20 23:12:02 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2012/09/20 23:12:02 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2012/09/20 23:12:02 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
    [2012/09/20 23:12:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2012/09/20 23:12:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2012/09/20 23:11:59 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
    [2012/09/20 23:11:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
    [2012/09/20 23:11:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
    [2012/09/20 23:11:25 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
    [2012/09/20 23:11:25 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
    [2012/09/20 23:11:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
    [2012/09/20 23:11:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
    [2012/09/20 23:11:19 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
    [2012/09/20 23:11:18 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
    [2012/09/20 23:11:17 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
    [2012/09/20 23:11:17 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
    [2012/09/20 23:11:17 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
    [2012/09/20 23:11:17 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
    [2012/09/20 23:11:17 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
    [2012/09/20 23:11:17 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
    [2012/09/20 23:11:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
    [2012/09/20 23:11:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
    [2012/09/20 23:11:01 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
    [2012/09/20 23:10:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
    [2012/09/20 23:10:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
    [2012/09/20 23:10:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
    [2012/09/20 23:10:38 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
    [2012/09/20 23:10:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
    [2012/09/20 23:10:28 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
    [2012/09/20 23:10:25 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
    [2012/09/20 23:10:25 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
    [2012/09/20 23:10:24 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
    [2012/09/20 23:10:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
    [2012/09/20 23:10:06 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
    [2012/09/20 23:10:03 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2012/09/20 23:10:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
    [2012/09/20 23:10:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
    [2012/09/20 21:23:45 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
    [2012/09/20 21:23:45 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
    [2012/09/20 21:19:34 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2012/09/20 21:17:50 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
    [2012/09/20 21:17:50 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
    [2012/09/20 21:17:50 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
    [2012/09/20 21:17:37 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
    [2012/09/20 21:17:37 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
    [2012/09/20 21:17:37 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
    [2012/09/20 21:17:37 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Google
    [2012/09/20 21:17:37 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Google
    [2012/09/20 21:17:27 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
    [2012/09/20 21:17:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
    [2012/09/20 21:14:09 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Fujitsu Launch Center
    [2012/09/20 21:13:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/09/20 21:11:51 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\VirtualStore
    [2012/09/20 21:11:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
    [2012/09/20 21:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
    [2012/09/20 21:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
    [2012/09/20 21:11:27 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
    [2012/09/20 21:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
    [2012/09/20 21:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Fujitsu
    [2012/09/20 21:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
    [2012/09/20 21:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LifeBook Application Panel
    [2012/09/20 21:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2012/09/20 21:08:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2012/09/20 21:00:41 | 000,000,000 | RHSD | C] -- C:\Users\YR\Documents\My Videos
    [2012/09/20 21:00:41 | 000,000,000 | RHSD | C] -- C:\Users\YR\Documents\My Pictures
    [2012/09/20 21:00:41 | 000,000,000 | RHSD | C] -- C:\Users\YR\Documents\My Music
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\AppData\Local\Temporary Internet Files
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\Templates
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\Start Menu
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\SendTo
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\Recent
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\PrintHood
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\NetHood
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\My Documents
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\Local Settings
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\AppData\Local\History
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\Cookies
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\Application Data
    [2012/09/20 21:00:41 | 000,000,000 | -HSD | C] -- C:\Users\YR\AppData\Local\Application Data
    [2012/09/20 21:00:39 | 000,000,000 | --SD | C] -- C:\Users\YR\AppData\Roaming\Microsoft
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Videos
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Searches
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Saved Games
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Pictures
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Music
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Links
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Favorites
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Downloads
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Documents
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Desktop
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\Contacts
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012/09/20 21:00:39 | 000,000,000 | R--D | C] -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012/09/20 21:00:39 | 000,000,000 | -H-D | C] -- C:\Users\YR\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2012/09/20 21:00:39 | 000,000,000 | -H-D | C] -- C:\Users\YR\AppData
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Windows Live
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Temp
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\Roaming
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Local\Microsoft
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Intel
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Identities
    [2012/09/20 21:00:39 | 000,000,000 | ---D | C] -- C:\Users\YR\AppData\Roaming\Fujitsu
    [2012/09/20 21:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Partner
    [2012/09/20 21:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
    [2012/09/20 21:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
    [2012/09/20 21:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
    [2012/09/20 20:58:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

    ========== Files - Modified Within 30 Days ==========

    [2012/10/17 21:49:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\YR\Desktop\OTL.exe
    [2012/10/17 21:29:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/10/17 21:28:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288869447-1382899389-2484242644-1000UA.job
    [2012/10/17 20:59:04 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/10/17 20:59:04 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/10/17 20:51:04 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/10/17 20:50:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/10/17 20:50:18 | 3152,547,840 | -HS- | M] () -- C:\hiberfil.sys
    [2012/10/16 13:57:33 | 000,001,946 | ---- | M] () -- C:\Users\YR\Desktop\attach.zip
    [2012/10/16 13:52:19 | 000,002,283 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2012/10/16 13:14:44 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/10/16 12:50:34 | 000,000,215 | ---- | M] () -- C:\Users\YR\Desktop\f siemens.rtf
    [2012/10/15 20:58:05 | 000,000,447 | ---- | M] () -- C:\user.js
    [2012/10/11 22:28:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288869447-1382899389-2484242644-1000Core.job
    [2012/10/02 20:36:55 | 005,150,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/10/02 20:36:55 | 000,748,340 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2012/10/02 20:36:55 | 000,748,184 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
    [2012/10/02 20:36:55 | 000,746,054 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
    [2012/10/02 20:36:55 | 000,742,876 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
    [2012/10/02 20:36:55 | 000,699,624 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2012/10/02 20:36:55 | 000,665,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/10/02 20:36:55 | 000,161,808 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
    [2012/10/02 20:36:55 | 000,156,400 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
    [2012/10/02 20:36:55 | 000,152,776 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2012/10/02 20:36:55 | 000,152,266 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2012/10/02 20:36:55 | 000,150,272 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
    [2012/10/02 20:36:55 | 000,125,678 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/10/01 22:31:29 | 005,200,976 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/09/30 22:12:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2012/09/30 22:04:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2012/09/26 09:06:20 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/09/21 04:58:05 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2012/09/21 04:58:05 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2012/09/21 04:49:57 | 000,000,083 | ---- | M] () -- C:\Windows\SysNative\IHV_Install.bat
    [2012/09/20 23:06:53 | 000,000,355 | ---- | M] () -- C:\Users\YR\Desktop\Computer - Shortcut.lnk
    [2012/09/20 21:17:32 | 000,001,443 | ---- | M] () -- C:\Users\YR\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/09/20 21:12:19 | 000,000,012 | ---- | M] () -- C:\Windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531_PI_FUJITSU_FJNBB0F_Default System BIOS_FUJ - 1_1.31_Intel(R) HD Graphics Family.MRK
    [2012/09/20 21:12:19 | 000,000,012 | ---- | M] () -- C:\Windows\SysNative\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531_PI_FUJITSU_FJNBB0F_Default System BIOS_FUJ - 1_1.31_Intel(R) HD Graphics Family.MRK
    [2012/09/20 21:11:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf
    [2012/09/20 21:11:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf
    [2012/09/20 21:08:07 | 000,001,296 | ---- | M] () -- C:\Windows\SysWow64\TRACE.trace
    [2012/09/20 21:01:07 | 000,015,406 | ---- | M] () -- C:\Windows\SysNative\results.xml

    ========== Files Created - No Company Name ==========

    [2012/10/16 13:57:33 | 000,001,946 | ---- | C] () -- C:\Users\YR\Desktop\attach.zip
    [2012/10/16 13:52:18 | 000,002,283 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2012/10/16 13:14:44 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/10/16 12:50:34 | 000,000,215 | ---- | C] () -- C:\Users\YR\Desktop\f siemens.rtf
    [2012/10/15 20:58:04 | 000,000,447 | ---- | C] () -- C:\user.js
    [2012/10/03 19:37:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
    [2012/09/30 22:28:46 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    [2012/09/30 22:04:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2012/09/21 04:51:00 | 001,801,216 | ---- | C] () -- C:\Windows\SysNative\drivers\snp2uvc.sys
    [2012/09/21 04:51:00 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
    [2012/09/21 04:51:00 | 000,240,640 | ---- | C] ( ) -- C:\Windows\SysNative\rsnp2uvc.dll
    [2012/09/21 04:51:00 | 000,035,456 | ---- | C] () -- C:\Windows\SysNative\drivers\sncduvc.sys
    [2012/09/21 04:51:00 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
    [2012/09/21 04:51:00 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
    [2012/09/21 04:51:00 | 000,013,021 | ---- | C] () -- C:\Windows\snp2uvc.src
    [2012/09/21 04:49:57 | 000,000,083 | ---- | C] () -- C:\Windows\SysNative\IHV_Install.bat
    [2012/09/21 04:48:57 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
    [2012/09/21 04:43:50 | 3152,547,840 | -HS- | C] () -- C:\hiberfil.sys
    [2012/09/20 23:14:34 | 010,387,985 | ---- | C] () -- C:\Users\YR\Documents\Ultimate.Bluetooth.1.8.rar
    [2012/09/20 23:13:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
    [2012/09/20 23:06:53 | 000,000,355 | ---- | C] () -- C:\Users\YR\Desktop\Computer - Shortcut.lnk
    [2012/09/20 21:18:31 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288869447-1382899389-2484242644-1000UA.job
    [2012/09/20 21:18:31 | 000,000,844 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-288869447-1382899389-2484242644-1000Core.job
    [2012/09/20 21:17:32 | 000,001,443 | ---- | C] () -- C:\Users\YR\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/09/20 21:12:19 | 000,000,012 | ---- | C] () -- C:\Windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531_PI_FUJITSU_FJNBB0F_Default System BIOS_FUJ - 1_1.31_Intel(R) HD Graphics Family.MRK
    [2012/09/20 21:12:19 | 000,000,012 | ---- | C] () -- C:\Windows\SysNative\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531_PI_FUJITSU_FJNBB0F_Default System BIOS_FUJ - 1_1.31_Intel(R) HD Graphics Family.MRK
    [2012/09/20 21:11:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf
    [2012/09/20 21:11:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf
    [2012/09/20 21:11:45 | 000,002,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
    [2012/09/20 21:01:17 | 000,001,296 | ---- | C] () -- C:\Windows\SysWow64\TRACE.trace
    [2012/09/20 21:00:40 | 000,000,290 | ---- | C] () -- C:\Users\YR\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2012/09/20 21:00:40 | 000,000,272 | ---- | C] () -- C:\Users\YR\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2012/09/20 21:00:39 | 000,001,449 | ---- | C] () -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012/09/20 21:00:39 | 000,001,415 | ---- | C] () -- C:\Users\YR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    [2012/09/20 21:00:21 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/09/20 21:00:21 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/05/07 18:16:59 | 005,200,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/05/02 01:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
    [2011/05/02 01:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
    [2011/05/02 01:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2011/05/02 01:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
    [2011/05/02 01:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
    [2010/11/25 05:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL

    ========== ZeroAccess Check ==========

    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2011/05/07 20:24:53 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu
    [2011/05/07 20:24:53 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu
    [2011/05/07 20:24:53 | 000,000,000 | ---D | M] -- C:\Users\YR\AppData\Roaming\Fujitsu
    [2012/09/20 21:14:20 | 000,000,000 | ---D | M] -- C:\Users\YR\AppData\Roaming\Fujitsu Launch Center
    [2012/10/16 15:05:29 | 000,000,000 | ---D | M] -- C:\Users\YR\AppData\Roaming\SoftGrid Client
    [2012/09/30 20:59:27 | 000,000,000 | ---D | M] -- C:\Users\YR\AppData\Roaming\TP
    [2012/10/16 13:55:19 | 000,000,000 | ---D | M] -- C:\Users\YR\AppData\Roaming\Windows Live Writer

    ========== Purity Check ==========



    < End of report >

  8. #8
    Member
    Join Date
    May 2010
    Posts
    95

    OTL Extras logfile created on: 10/17/2012 9:51:11 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\YR\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.91 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.91% Memory free
    7.83 Gb Paging File | 6.24 Gb Available in Paging File | 79.78% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 345.13 Gb Total Space | 305.59 Gb Free Space | 88.54% Space Free | Partition Type: NTFS
    Drive D: | 100.00 Gb Total Space | 64.51 Gb Free Space | 64.51% Space Free | Partition Type: NTFS

    Computer Name: YR-PC | User Name: YR | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0194E714-8467-47AB-AD78-63284C73D3D6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{06E89086-29C2-4D18-AC5D-25C083906403}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{09F21DF2-C8F6-4308-9399-7E9FA5F6B885}" = lport=139 | protocol=6 | dir=in | app=system |
    "{1C0A51B1-8E96-4AAD-BA2B-2D4C958075A3}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{21848F6E-7B16-409F-AE0C-27D4FDCB1F0A}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{2BCA7A04-BD8C-419B-BCF8-B146437E467F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{39697303-8E2E-442C-8712-8113EC945DB9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{3C199169-44B4-4F87-BB83-130C2155A555}" = lport=445 | protocol=6 | dir=in | app=system |
    "{3F72AF6D-F1F4-4B05-BB96-C7B00763E777}" = lport=138 | protocol=17 | dir=in | app=system |
    "{4C3DCF04-5F0E-4E4B-A53E-A4EF485278C3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{550A3ED1-DB49-4607-94F7-C49B0A968634}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{5EA839E7-8124-435F-BFDC-380C90866944}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{605400BB-976F-4189-905C-4F6832265DC6}" = lport=137 | protocol=17 | dir=in | app=system |
    "{625E8C6E-12FC-45B6-AC09-50B481C1AC77}" = rport=137 | protocol=17 | dir=out | app=system |
    "{76D76E56-A385-41A7-AAB6-1C707A61DD68}" = rport=138 | protocol=17 | dir=out | app=system |
    "{94858ED2-DD73-4B44-A8F6-E949C65E662F}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{96D3EEF2-E296-464C-B41D-929574770170}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{997AEA1E-9CBC-4B04-AADE-1BE5E55C0242}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C3B9E31D-8397-4056-8C9F-11E4EE1ED2FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{CF410514-200C-4B36-AF50-DC0E18F3A8BE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{DD1E74D3-ADFA-41B3-9294-233ADF30D5B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{EECF3A7B-65BA-4BFA-BAF8-BE243E5F9816}" = rport=139 | protocol=6 | dir=out | app=system |
    "{EF050188-50D6-46E0-BBE7-7DEFA0D705C7}" = rport=445 | protocol=6 | dir=out | app=system |
    "{FF29BED8-B30A-4454-925C-55AC86416C94}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{15443CD3-EA4E-4697-8144-42452A028151}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{2F4FF21E-0B11-43E2-A89E-D3C31BA8FFCE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{366755E2-C6D7-4171-A211-9B0EF5D9EFFA}" = protocol=6 | dir=out | app=system |
    "{3ADB9751-AAAD-4C19-A382-DC9C233D9863}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{3D26EC18-9E0F-4D31-AAEE-98FBB5626287}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{3D5DECB2-AA4C-4CB0-B61F-1862091632E3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{3D95E92F-37EE-4C86-AB6C-B5CB2DAD8737}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{489AA404-1AAB-4150-9084-7017614191D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{54CE8D0F-C29F-467A-A784-BD9E54C379FA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{61ED718D-AB95-4EAE-B419-24ED94D7D756}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
    "{6399AC6D-74BB-4BD3-8E56-0937267B18C5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{64047F57-6566-4509-9B21-09FE171438B1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6733533B-D92E-4D43-BE6E-329951CC5D62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6B4B89A5-4CC1-45A3-9AD9-83092EEDF9C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{73FF8CAB-6DE7-48E2-B2DB-9D70C6BFA60A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{7B9104FF-2C03-46E2-B988-EF4D952F3F9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{88599510-3ABA-46CB-A734-C3A0624C8396}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{928ADC65-B9C5-47F8-ACAD-C4E4484C89D7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{9B6323A7-8301-495B-907F-4B182E54B706}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{9BA288D2-6567-4CDD-9386-136ED1620392}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{9E26E0E2-3215-431C-B405-584F0F710E43}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9F3C2CDD-2B42-40D7-A134-A9AAAE31A7BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{A787CA7A-F9A6-4379-9EF3-78B1B32B295A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{B25B05A4-688B-4159-B13B-3B6C982594D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{B5C90F00-0DD1-43CE-92D9-E309E24DA1D3}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
    "{D085E780-AB63-4CB9-8B7E-FC6437E1FCB5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{D7602490-33D0-4DD4-89F1-911AA352F54E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{D9CFABC8-E295-4C17-A5DF-AF5281748D43}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{E17F6997-F59C-4DFA-BDF6-EB0B4C64AF7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E19BD6CB-804A-4DB3-B30B-C2F9C8C122D9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
    "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
    "{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
    "{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
    "{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
    "{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
    "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}" = WinZip 17.0
    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
    "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
    "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
    "{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "ProInst" = Intel PROSet Wireless
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
    "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
    "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
    "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
    "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
    "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
    "{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
    "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
    "{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
    "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
    "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
    "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
    "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
    "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
    "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
    "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
    "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
    "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
    "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
    "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
    "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
    "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
    "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
    "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
    "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
    "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
    "avast" = avast! Free Antivirus
    "DeskUpdate_is1" = DeskUpdate 4.13
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
    "InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
    "InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
    "InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
    "InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-288869447-1382899389-2484242644-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 10/17/2012 2:01:22 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 10/17/2012 2:01:22 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1045

    Error - 10/17/2012 2:01:22 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1045

    Error - 10/17/2012 2:01:23 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 10/17/2012 2:01:23 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 2122

    Error - 10/17/2012 2:01:23 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 2122

    Error - 10/17/2012 2:01:24 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 10/17/2012 2:01:24 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 3401

    Error - 10/17/2012 2:01:24 PM | Computer Name = YR-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 3401

    Error - 10/17/2012 3:51:43 PM | Computer Name = YR-PC | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 9/27/2012 2:11:13 PM | Computer Name = YR-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x800706ba: Update for Microsoft .NET Framework 4 on Windows XP, Windows
    Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008
    R2 for x64-based Systems (KB2468871).

    Error - 9/27/2012 5:09:47 PM | Computer Name = YR-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 19:11:16 on 27/09/2012 was unexpected.

    Error - 10/14/2012 11:35:51 AM | Computer Name = YR-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 12:00:16 on 14/10/2012 was unexpected.

    Error - 10/17/2012 1:32:32 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the NlaSvc service.

    Error - 10/17/2012 1:32:32 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7000
    Description = The Network Location Awareness service failed to start due to the
    following error: %%1053

    Error - 10/17/2012 1:33:02 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the Dnscache service.

    Error - 10/17/2012 1:33:32 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the Dnscache service.

    Error - 10/17/2012 1:34:02 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the Dnscache service.

    Error - 10/17/2012 1:38:34 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the NlaSvc service.

    Error - 10/17/2012 1:38:34 PM | Computer Name = YR-PC | Source = Service Control Manager | ID = 7000
    Description = The Network Location Awareness service failed to start due to the
    following error: %%1053


    < End of report >

  9. #9
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Let's uninstall Chrome, but use this uninstaller to remove the files and registry entries; the program is free for 30 days.

    Install it and click on Google Chrome
    http://www.revouninstaller.com/revo_..._download.html


    Then download and install the new one here
    https://www.google.com/intl/en/chrom...&utm_medium=ha


    Let me know if this helped
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  10. #10
    Member
    Join Date
    May 2010
    Posts
    95

    Done as above; problem still there.
